
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 

Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


09/728,800 


12/01/2000 


Niels Mache 


450117-02961 


5593 



20999 7590 01/06/2005 

FROMMER LAWRENCE & HAUG 
745 FIFTH AVENUE- 10THFL. 
NEW YORK, NY 10151 



EXAMINER 



ABRISHAMKAR, KAVEH. 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 01/06/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



# 

Offirf* Art inn Summan/ 


Application No. 

09/728,800 


Applicant(s) 

MACHE, NIELS 


Examin r 

Kaveh Abrishamkar 


Art Unit 

2131 





-- The MAILING DATE of this communication appears on the cover sh et with the correspond nc address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

• Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 23 July 2004 . 
2a)S This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-5,8-15 and 18-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-53-1 5 and 18-21 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 1 1 9 

12) 03 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
aM All b)D Some * c)D None of: 

1 .^3 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 

30 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s) 

1) □ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) □ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5 ) D Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date . 6) D Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 1 



Application/Control Number: 09/728,800 Page 2 

Art Unit: 2131 

DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the amendment filed on July 23, 2004. Claims 1 - 
1 9 were originally presented for consideration. Per the received amendment, claims 1 , 
4-5, 8-11, 14-15, and 18-19 have been amended, claims 6-7 and 16-17 have been 
canceled, and new claims 20-21 have been added. Claims 1 - 5, 8 - 15, 18 -21 are 
currently being considered. 

Response to Arguments 

2. Applicant's arguments filed on July 23, 2004 have been fully considered but they 
are not persuasive for the following reasons: 

Regarding amended independent claims 1, 5, 1 1, and 15, the applicant argues that the 
cited prior art does not disclose "an acknowledgement key including a time stamp." The 
applicant argues that the reason for obviousness in the previous Office action is not 
sufficient grounds for rejecting the limitation "the acknowledgement key further 
comprises a time stamp." These arguments are not found persuasive in view of the 
cited prior art, Misra et al. (U.S. Patent 5,757,920). Misra discloses a logon certificate 
which contains a time stamp and temporal information which insure that the certificate 



Application/Control Number: 09/728,800 Page 3 

Art Unit: 2131 

containing the session key is valid (Figure 2A, column 46 - 55). This logon certificate is 
used to log onto a domain. Once logged into the domain/system, the server verifies the 
authenticity of the key and sends a new session key (acknowledgment key) to the client 
along with a ticket (column 8 lines 37 - 65). Misra disclose that the session key and 
ticket (acknowledgement key) can contain authorization data including a data structure 
similar to an authenticator which includes a time stamp (column 7 lines 35 - 52). 
Furthermore, Misra states that the time stamp "helps to minimize the time period in 
which an eavesdropper may used a copied ticket and authenticator pair" (column 45 - 
52). Therefore, for reasons set for in the previous Office action and above, it would 
have been obvious to add a time stamp to the acknowledgement key received at the 
originator from the destination to help minimize the time period that an eavesdropper 
may use a intercepted session key. 

Therefore, the examiner respectfully asserts that the cited prior art does teach or 
suggest the subject matter "the acknowledgement key further comprises a time stamp" 
broadly recited in amended independent claims 1,5,11, and 15. The dependent claims 
2-4, 8-10, 12-14, and 18-21 are rejected at least by virtue of their dependency on the 
independent claims and by other reasons set forth below. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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3. Amended claim 10 is rejected under 35 U.S.C. 101 because "a software program 
product" is not implemented on a computer readable medium and therefore, cannot be 
"loaded into a computing device" as disclosed. Appropriate correction is needed to 
emphasize that the "software program product" is implemented on a computer-readable 
medium. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claim 1 - 5, 8- 15, 18 -21 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over Misra et al. (U.S. Patent 5,757,920). 

Regarding claim 1, Misra discloses: 

Method for the authentication of data communicated from a originator to a 
destination, wherein a keyed hashing technique is used, according to which data to be 
authenticated is concatenated with a private key and then processed with a 
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cryptographic hash function, and the data are transmitted together with the digest of the 
hash function from the originator to the destination, 
characterized in that 

the data comprises temporal validity information representing the temporal validity of 
the data (Figure 2A, column 5 line 47 - column 6 line 31 ). 

Misra does not explicitly disclose the acknowledgement key comprising a time stamp 
and a temporal validity information. Misra discloses a logon certificate which contains a 
time stamp and temporal information which insure that the certificate containing the 
session key is valid (Figure 2A, column 46 - 55). This logon certificate is used to log 
onto a domain. Once logged into the domain/system, the server verifies the authenticity 
of the key and sends a new session key (acknowledgment key) to the client along with a 
ticket (column 8 lines 37 - 65). Misra disclose that the session key and ticket 
(acknowledgement key) can contain authorization data including a data structure similar 
to an authenticator which includes a time stamp (column 7 lines 35 - 52). Furthermore, 
Misra states that the time stamp "helps to minimize the time period in which an 
eavesdropper may used a copied ticket and authenticator pair" (column 45 - 52). 
Therefore, for reasons set for in the previous Office action and above, it would have 
been obvious to add a time stamp to the acknowledgement key received at the 
originator from the destination to help minimize the time period that an eavesdropper 
may use a intercepted session key. 



Regarding claim 5, Misra discloses: 
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Method for the authenticated transmission of messages, comprising the following 
communication setup steps: 

generating a login key by a keyed-hashing method on the basis of random data, 
temporal validity information and a private key (column 5 line 47 - column 6 line 31); 

transmitting the login key from an originator to a destination (column 7 lines 10- 
21); and 

verifying the authenticity and the temporal validity of the login key on the basis of 
the keyed hashing digest on the destination side (column 8 lines 45 - 65); and 
comprising the following acknowledgement steps: 

in case the verification of the authenticity and the temporal validity of the login 
key is positive, 

generating an acknowledgement key by a keyed-hashing method on the basis of 
second random data and the private key (column 8 lines 45 - 65); 

transmitting the acknowledgement key from the destination to the originator 
(Figure 4B, column 8 lines 60-65); and 

verifying the acknowledgement key by the originator, including checking the 
acknowledgment key (column 8 line 66 - column 9 line 9). 
furthermore comprising the following acknowledgement steps: 

Misra does not explicitly disclose the acknowledgement key comprising a time stamp 
and a temporal validity information. Misra discloses a logon certificate which contains a 
time stamp and temporal information which insure that the certificate containing the 
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session key is valid (Figure 2A, column 46 - 55). This logon certificate is used to log 
onto a domain. Once logged into the domain/system, the server verifies the authenticity 
of the key and sends a new session key (acknowledgment key) to the client along with a 
ticket (column 8 lines 37 - 65). Misra disclose that the session key and ticket 
(acknowledgement key) can contain authorization data including a data structure similar 
to an authenticator which includes a time stamp (column 7 lines 35 - 52). Furthermore, 
Misra states that the time stamp "helps to minimize the time period in which an 
eavesdropper may used a copied ticket and authenticator pair" (column 45 - 52). 
Therefore, for reasons set for in the previous Office action and above, it would have 
been obvious to add a time stamp to the acknowledgement key received at the 
originator from the destination to help minimize the time period that an eavesdropper 
may use a intercepted session key. 

Regarding claim 11, Misra discloses: 

Distributed system for communicating authenticated data from a originator to a 
destination, designed for a keyed hashing technique according to which data to be 
authenticated is concatenated with a private key and then processed with a 
cryptographic hash function, and the data are transmitted together with the digest of the 
hash function from the originator to the destination, 
characterized in that 

the data comprises temporal validity information representing the temporal validity of the 
data (Figure 2A, column 5 line 47 - column 6 line 31). 
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Misra does not explicitly disclose the acknowledgement key comprising a time stamp 
and a temporal validity information. Misra discloses a logon certificate which contains a 
time stamp and temporal information which insure that the certificate containing the 
session key is valid (Figure 2A, column 46 - 55). This logon certificate is used to log 
onto a domain. Once logged into the domain/system, the server verifies the authenticity 
of the key and sends a new session key (acknowledgment key) to the client along with a 
ticket (column 8 lines 37 - 65). Misra disclose that the session key and ticket 
(acknowledgement key) can contain authorization data including a data structure similar 
to an authenticator which includes a time stamp (column 7 lines 35 - 52). Furthermore, 
Misra states that the time stamp "helps to minimize the time period in which an 
eavesdropper may used a copied ticket and authenticator pair" (column 45 - 52). 
Therefore, for reasons set for in the previous Office action and above, it would have 
been obvious to add a time stamp to the acknowledgement key received at the 
originator from the destination to help minimize the time period that an eavesdropper 
may use a intercepted session key. 

Regarding claim 15, Misra discloses: 

Distributes system for the authenticated transmission of messages, comprising: 
an originator designed to generate a login key by a keyed-hashing method on the basis 
of random data, temporal validity information and a private key (column 5 line 47 - 
column 6 line 31); 
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a network for transmitting the login key from the originator to a destination (column 7 
lines 10-21), 

wherein the destination is designed to verify the authenticity and the temporal validity of 
the login key on the basis of the keyed hashing digest (column 8 lines 45 - 65). 

Misra does not explicitly disclose the acknowledgement key comprising a time stamp 
and a temporal validity information. Misra discloses a logon certificate which contains a 
time stamp and temporal information which insure that the certificate containing the 
session key is valid (Figure 2A, column 46 - 55). This logon certificate is used to log 
onto a domain. Once logged into the domain/system, the server verifies the authenticity 
of the key and sends a new session key (acknowledgment key) to the client along with a 
ticket (column 8 lines 37 - 65). Misra disclose that the session key and ticket 
(acknowledgement key) can contain authorization data including a data structure similar 
to an authenticator which includes a time stamp (column 7 lines 35 - 52). Furthermore, 
Misra states that the time stamp "helps to minimize the time period in which an 
eavesdropper may used a copied ticket and authenticator pair" (column 45 - 52). 
Therefore, for reasons set for in the previous Office action and above, it would have 
been obvious to add a time stamp to the acknowledgement key received at the 
originator from the destination to help minimize the time period that an eavesdropper 
may use a intercepted session key. 



Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Misra discloses: 
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Method according to claim 1, characterized in that the temporal validity 
information can be defined by the originator (column 5 line 47-55). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Misra discloses: 

Method according to anyone of the preceding claims, characterized in that the 
data comprises random data which are unique for a time span defined by the temporal 
validity information (column 5 line 47-55). 

Claim 4 is rejected as applied above in rejecting claim 1 . Furthermore, Misra discloses: 

Method according to anyone of the preceding claims, characterized in that the 
data is a login key for a communication setup (column 5 lines 47-55). 

Misra describes a session key (Figure 2A item 120), which is analogous to the login key 
delineated in above claim 4. 

Claim 8 is rejected as applied above in rejecting claim 5. Furthermore, Misra discloses: 

Method according to claim 5, furthermore comprising the following message 
transmission steps: in case the verification of the acknowledgment key is positive, 
extracting the second random data from the acknowledgment key, generating a 
message by a keyed-hashing method on the basis of the second random data, 
message data and the private key, transmitting the message from the originator to the 
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destination, and, verifying the message by the destination (column 8 line 66 - column 9 
line 9). 

Claim 10 is rejected as applied above in rejecting claim 5. Furthermore, Misra 
discloses: 

A software program product, characterized in that the software program product 
implements, when loaded into a computing device of a distributed system, a method 
according to claim 5 (column 5 line 47 - column 6 line 31 , column 7 lines 1 0-21 , column 
8 lines 45 -65). 

Claim 12 is rejected as applied above in rejecting claim 1 1 . Furthermore, Misra 
discloses: 

Distributed system according to claim 1 1 , characterized in that the originator is 
designed to define the temporal validity information (column 5 line 47-55). 

Claim 13 is rejected as applied above in rejecting claim 1 1 . Furthermore, Misra 
discloses: 

Distributed system according to claim 1 1 , characterized in that the data 
comprises random data which are unique for a time span defined by the temporal 
validity information (column 5 line 47-55). 
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Claim 14 is rejected as applied above in rejecting claim 1 1 . Furthermore, Misra 
discloses: 

Distributed system according to claim 11, characterized in that the data is a login 
key for a communication setup (column 5 lines 47-55). 

Misra describes a session key (Figure 2A item 120), which is analogous to the login key 
delineated in above claim 4. 

Claim 18 is rejected as applied above in rejecting claim 15. Furthermore, Misra 
discloses: 

Distributed system according to claim 15, characterized in that the originator is 
designed to extract the second random data from the acknowledgment key in case the 
verification of the acknowledgment key is positive, generate a message by a keyed- 
hashing method on the basis of the second random data, message data and the private 
key, and transmit the message to the destination, and the destination is designed to 
verify the message (column 8 line 66 - column 9 line 9). 

Claim 9 is rejected as applied above in rejecting claim 8. Furthermore, Misra discloses: 

Method according to claim 8, characterized in that the message furthermore 
comprises a time stamp of the message and when verifying the message it is checked 
on the basis of the time stamp and the temporal validity information whether the 
message is still valid (column 5 line 47 - column 6 line 31). 
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Claim 19 is rejected as applied above in rejecting claim 18. Furthermore, Misra 
discloses: 

Distributed system according to claim 18, characterized in that the message 
furthermore comprises a time stamp and when verifying the message, the destination 
checks on the basis of the time stamp of the message and the temporal validity 
information whether the message is still valid (column 5 line 47 - column 6 line 31). 

Claim 20 is rejected as applied above in rejecting claim 1 . Furthermore, Misra 
discloses: 

Method according to claim 1, characterized in that the data is a message (column 
5 lines 47-55). 

Claim 21 is rejected as applied above in rejecting claim 1 1 . Furthermore, Misra 
discloses: 

Distributed system according to claim 1 1 , characterized in that the data is a 
message (column 5 lines 47 - 55). 
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Conclusion 



5. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for . 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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